정책 시뮬레이터 역할 및 권한

이 페이지에는 정책 시뮬레이터의 IAM 역할과 권한이 나와 있습니다. 모든 역할과 권한을 검색하려면 역할 및 권한 색인을 참조하세요.

정책 시뮬레이터 역할

Role Permissions

Role	Permissions
Simulator Admin ^Beta (`roles/policysimulator.admin`) Admin user that can run and access replays.	`policysimulator.accessPolicySimulationResults.list` `policysimulator.accessPolicySimulations.` `policysimulator.accessPolicySimulations.create` `policysimulator.accessPolicySimulations.get` `policysimulator.accessPolicySimulations.list` `policysimulator.replayResults.list` `policysimulator.replays.` `policysimulator.replays.create` `policysimulator.replays.get` `policysimulator.replays.list` `policysimulator.replays.run`
OrgPolicy Simulator Admin ^Beta (`roles/policysimulator.orgPolicyAdmin`) OrgPolicy Admin that can run and access simulations.	`cloudasset.assets.analyzeOrgPolicy` `cloudasset.assets.exportResource` `cloudasset.assets.listResource` `cloudasset.assets.searchAllResources` `orgpolicy.customConstraints.get` `orgpolicy.customConstraints.list` `orgpolicy.policies.list` `orgpolicy.policy.get` `policysimulator.orgPolicyViolations.list` `policysimulator.orgPolicyViolationsPreviews.*` `policysimulator.orgPolicyViolationsPreviews.create` `policysimulator.orgPolicyViolationsPreviews.get` `policysimulator.orgPolicyViolationsPreviews.list` `resourcemanager.organizations.get`

Simulator Admin ^Beta

(roles/policysimulator.admin)

Admin user that can run and access replays.

policysimulator.accessPolicySimulationResults.list

policysimulator.accessPolicySimulations.*

policysimulator.accessPolicySimulations.create
policysimulator.accessPolicySimulations.get
policysimulator.accessPolicySimulations.list

policysimulator.replayResults.list

policysimulator.replays.*

policysimulator.replays.create
policysimulator.replays.get
policysimulator.replays.list
policysimulator.replays.run

OrgPolicy Simulator Admin ^Beta

(roles/policysimulator.orgPolicyAdmin)

OrgPolicy Admin that can run and access simulations.

cloudasset.assets.analyzeOrgPolicy

cloudasset.assets.exportResource

cloudasset.assets.listResource

cloudasset.assets.searchAllResources

orgpolicy.customConstraints.get

orgpolicy.customConstraints.list

orgpolicy.policies.list

orgpolicy.policy.get

policysimulator.orgPolicyViolations.list

policysimulator.orgPolicyViolationsPreviews.*

policysimulator.orgPolicyViolationsPreviews.create
policysimulator.orgPolicyViolationsPreviews.get
policysimulator.orgPolicyViolationsPreviews.list

resourcemanager.organizations.get

정책 시뮬레이터 권한

권한	역할에 포함됨
`policysimulator.accessPolicySimulationResults.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 거부 관리자(`roles/iam.denyAdmin`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 시뮬레이터 관리자(`roles/policysimulator.admin`)
`policysimulator.accessPolicySimulations.create`	소유자(`roles/owner`) 거부 관리자(`roles/iam.denyAdmin`) 시뮬레이터 관리자(`roles/policysimulator.admin`)
`policysimulator.accessPolicySimulations.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 거부 관리자(`roles/iam.denyAdmin`) 시뮬레이터 관리자(`roles/policysimulator.admin`)
`policysimulator.accessPolicySimulations.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 거부 관리자(`roles/iam.denyAdmin`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 시뮬레이터 관리자(`roles/policysimulator.admin`)
`policysimulator.orgPolicyViolations.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 조직 정책 관리자(`roles/orgpolicy.policyAdmin`) 조직 정책 시뮬레이터 관리자(`roles/policysimulator.orgPolicyAdmin`)
`policysimulator.orgPolicyViolationsPreviews.create`	소유자(`roles/owner`) 편집자(`roles/editor`) 조직 정책 관리자(`roles/orgpolicy.policyAdmin`) 조직 정책 시뮬레이터 관리자(`roles/policysimulator.orgPolicyAdmin`)
`policysimulator.orgPolicyViolationsPreviews.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 조직 정책 관리자(`roles/orgpolicy.policyAdmin`) 조직 정책 시뮬레이터 관리자(`roles/policysimulator.orgPolicyAdmin`)
`policysimulator.orgPolicyViolationsPreviews.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 조직 정책 관리자(`roles/orgpolicy.policyAdmin`) 조직 정책 시뮬레이터 관리자(`roles/policysimulator.orgPolicyAdmin`)
`policysimulator.replayResults.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 시뮬레이터 관리자(`roles/policysimulator.admin`)
`policysimulator.replays.create`	소유자(`roles/owner`) 보안 관리자(`roles/iam.securityAdmin`) 시뮬레이터 관리자(`roles/policysimulator.admin`)
`policysimulator.replays.get`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 보안 관리자(`roles/iam.securityAdmin`) 시뮬레이터 관리자(`roles/policysimulator.admin`)
`policysimulator.replays.list`	소유자(`roles/owner`) 편집자(`roles/editor`) 뷰어 (`roles/viewer`) 보안 관리자(`roles/iam.securityAdmin`) 보안 검토자(`roles/iam.securityReviewer`) 시뮬레이터 관리자(`roles/policysimulator.admin`)
`policysimulator.replays.run`	소유자(`roles/owner`) 보안 관리자(`roles/iam.securityAdmin`) 시뮬레이터 관리자(`roles/policysimulator.admin`)

정책 시뮬레이터 역할 및 권한